You are all so blind, aren't you? Yes, IE and Firefox were hacked on Windows, what Nick is saying is that Safari on the iPhone and OS X were hacked FIRST.

@bob Your so one sided... The reason Windows has so much malware is because they are targeted more. A hacker wants to do as much damage as possible, which cannot be done with an operating system that has a 8% (at the most!) market share compared to Windows at 90%. God your stupid.

@Mr Cat

I've been running multiple windows boxes, desktop, laptop and servers, ranging from windows xp to server 2008 r2 and everything in between, with windows 7 as my primary OS.

Being a consultant for small business, i get all sorts of odd requests and therefore find myself all over the web, downloading all sorts of random and unknown software, many times from places unknown. with that said, i cant tell you the last time i had malware running on any of my machines. i vaguely remember a trojan on my laptop 3 laptops ago, in 2006, running windows xp. since then, nothing...

so you keep right on claiming your false superiority of mac, over windows, and i'll keep on counting the money i saved by running windows on self built boxes...

What a piece of link-baiting trash! Nick Farrell, your name should be Dick Ferret!

Here are the facts: iPhone was hacked via mobile Safari; Mac OS X was hacked via Safari 4; and Window 7 was hacked via IE8 and Firefox.

The only thing that the Pwn2Own challenge proves is this: any device with an internet connection is potentially vulnerable. Be careful where you surf.

Window fanboys (can there be such a thing?) love to pull out the "we have lots of malware because we have so many computers" card. Too bad they can't seem to do the math to see that while Macs have only say 5% market share, they have a much smaller share of the malware. Windows is the clear winner in malware. It's no contest.

Mac OS more secure than Windows?

Charlie Miller (referred to earlier) said the following in an inverview (link at bottom):

"Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don’t do. Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows."

"It’s more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn’t have anti-exploit stuff built into it."

Nice to know Apple don't bother to protect their systems, just their shareholders. Let's continue.

"It’s clear that all three browsers (Safari, IE and Firefox) have bugs. Code execution holes everywhere. But that’s only half the equation. The other half is exploiting it. There’s almost no hurdle to jump through on Mac OS X."

No hurdles? I guess Jobs doesn't like hurdles.

Question: On a scale of 1-10, how impressive was the Nils’ sweep of exploiting all three main browsers?

Answer: I was surprised. For IE 8, I’d give him a 9 out of 10. For Safari, maybe a 2. It’s just too easy to pop Safari.

That last line sounds like mew hen I was 16.

Cry if you want to Apple-babies, here's the link:

http://blogs.zdnet.com/security/?p=2941

Mac fanboys are Mac fanboys because they aren't able to grasp the difference between "the most secure OS" and "the most targeted-by-hackers OS".

Which of these cases does your little experiment is going to prove, "Mr Cat"?

That's not fanboyism. If both options are bad, you grab the cheapest one, unless you're just stupid.

What makes the claims rabid? Run an AV program on a PC and a Mac that has been used for a month without AV protection and see which has proven to be the most secure.

Repeat with AV in place if you like.

Then you will have evidence as to whether the fanboys case is "rabid" or not.

would Nick say anything positive about Apple? They hire a security expert - he complains. Safari gets hacked (as does IE 8 and FireFox 3 on Windows 7) and he complains that they should take security more seriously.

The order in which systems were hacked isn't relevant. Time slots were handed out by random ballot. It could just have easily have been IE8 that got hacked first. What is important is that all of these flaws needed months of research to identify and exploit. The hackers didn't break these systems on the spot, they brought fully developed exploits with them. Non of this is script-kiddy easy.

Anyone who tells you that they have a 100% secure system is either lying or it's unusable. Apple have an advantage in that they present a much smaller target for hackers, but they are aware of this being eroded and seem to be taking an honest run at improving their systems (hence the hiring mentioned above). Even Charlie Miller, the guy who hacked Safari, still reckons it's a safer platform to use.

Let's see there's about 1 million types of malware directed at PCs, and a hand full for the Mac and iPhone. Time to buy a little perspective.

Apple follows msft path, and nothing user friendly will come out from it. It's the shareholders that counts not users.... so shut up all mac boys, and watch Jobs joining the dark side....

I'm a fan of apple products, it has to be said - but enough is enough now. Apple has had long enough to get their sh*t together, and done jack about it.

They got a drubbing last year and the year before that, if I'm not mistaken, so all my future Apple purchases are now on hold until I see some affirmative action on the security front.

It'll take a lot more to make me switch my primary OS to the "dark side" though. And I don't enjoy command-line pain enough to switch to linux (even though my redhat subscription is renewed yearly).

Maybe I'll just unplug the lot, and become are hermit or something. :-)